
Exploit
CVE-2024-32057

Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)

Published: May 14, 2024 / Updated: 6mo ago

CVSS 7.3 / EPSS 0.04% / High

Summary

This vulnerability affects Siemens Simcenter Femap and allows remote attackers to execute arbitrary code. The specific flaw exists within the parsing of IGS files within the IGES_2022_2 executable. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file.

Impact

An attacker can leverage this vulnerability to execute code in the context of the current process. This could lead to complete compromise of the affected system, potentially allowing unauthorized access to sensitive data, system modifications, or further lateral movement within the network. The vulnerability has high impacts on confidentiality, integrity, and availability of the affected system.

Exploitation

One proof-of-concept exploit is available on zerodayinitiative.com. There is no evidence of exploitation at the moment.

Patch

Siemens has issued an update to correct this vulnerability. More details can be found at: https://cert-portal.siemens.com/productcert/html/ssa-976324.html

Mitigation

1. Apply the security update provided by Siemens as soon as possible.
2. Implement strict access controls and network segmentation to limit exposure of affected systems.
3. Educate users about the risks of visiting untrusted websites or opening suspicious files, especially on systems running Simcenter Femap.
4. Consider implementing application whitelisting to prevent unauthorized executables from running.
5. Regularly monitor systems for any signs of compromise or unusual activity.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-32057.

May 14, 2024 at 11:01 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

May 14, 2024 at 11:04 AM
CVE Assignment

NVD published the first details for CVE-2024-32057

May 14, 2024 at 4:16 PM
CVSS

A CVSS base score of 7.8 has been assigned.

May 14, 2024 at 4:23 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.5%)

May 15, 2024 at 9:25 AM

Affected Systems

Siemens/simcenter_femap

Exploits

https://www.zerodayinitiative.com/advisories/ZDI-24-458/

Vendor Advisory

ZDI-24-458: Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. Siemens has issued an update to correct this vulnerability.

News

Siemens Simcenter Femap
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files.
SSA-064222
Siemens thanks the following parties for their efforts: Michael Heinzl for coordinated disclosure of CVE-2024-32055, CVE-2024-32056, CVE-2024-33577, CVE-2024-33653 and CVE-2024-33654; Trend Micro Zero Day Initiative for coordinated disclosure of vulnerabilities from CVE-2024-32057 through CVE-2024-32066.
Multiple vulnerabilities in Siemens PS/IGES Parasolid Translator Component
A remote attacker can create a specially crafted IGS file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
ZDI-24-458: Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. Siemens has issued an update to correct this vulnerability.
Siemens PS/IGES Parasolid Translator Component
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. The affected application contains a type confusion vulnerability while parsing IGS files.

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
